(1) Field of the Invention
The present invention relates to a content usage management system that distributes license information, which allows a user who requests usage of a content to use the content on the user's terminal under a certain usage rule, via a communication network from a management device.
(2) Description of the Prior Art
In recent years, systems that distribute some digital productions such as music, videos and games via the Internet or digital broadcasting have been developed, and a part of them is now in a phase for practical use. For distributing these contents, the methodology of content usage control, which restricts the number of times of reproduction (play/playback), moving and copying of the distributed content, have also been examined from a viewpoint of copyright protection, etc. The conventional digital content distribution systems, as disclosed in the Japanese Laid-Open Patent Application Nos. 2000-48076 and 2000-293439, have been modeled to distribute a usage rule of the content for each user together with the content itself to a recipient side to make everything be managed by a user terminal side.
For example, when a user wants to purchase a right to see the movie “Matrix” three times, the user terminal receives the content of the movie together with its usage rule indicating, “Matrix can be viewed three times” via communication from a distribution server, and the reproduction of the content is under the management according to the usage rule. Once the above-mentioned usage rule is sent to the user terminal, the distribution server is no longer involved with the usage rule of the user.
When “Matrix” is viewed by reproducing the content stored in the user terminal, a process to reduce by one is executed for each viewing of the content from the number of views permitted in the usage rule that is managed by the user terminal. Then, a process is executed to prohibit any views when the number of views permitted becomes zero.
FIG. 1 shows a structure of the conventional digital content distribution system.
A distribution server 110 is equipped with a user management database 111 that stores ID information, etc. of the user registered as a member, a content information database 116 that stores a usage rule of a content, a content database 119 that stores a content, a user authentication unit 112 that executes user authentication, a content information generation unit 117 that generates content information including information on a usage rule of a content and an encryption key, a content information encryption unit 118 that encrypts the content information, a content acquirement unit 120 that acquires the content which is specified from the content database 119, a content encryption unit 121 that encrypts a content, and a communication unit 122 that communicates with a user terminal 130.
On the other hand, the user terminal 130 is equipped with a communication unit 131 that communicates with the distribution server 110, an ID information storage unit 132 that stores ID information, a storage unit 133 that stores the encrypted content, a content information decryption unit 137 that decrypts the content key and usage rule from the received content information, a usage rule management unit 138 that manages the usage rule and the content key of the content, a usage rule processing unit 139 that performs processing for judging whether or not the usage rule is met when the content is reproduced, and a content decryption unit 135 that decrypts the content with the content key acquired from the usage rule processing unit 139 when the usage rule is met.
FIG. 2 shows a processing flow in the case where the user terminal 130 purchases a content from the distribution server 110 in this digital content distribution system. When a user requests to purchase a content, the distribution server 110 and the user terminal 130 perform the following processing.
S201: The communication unit 131 in the user terminal 130 acquires ID information of the user terminal 130 which is stored in the ID information storage unit 132, and sends this ID information with the content purchase request to the distribution server 110.
S202: The user authentication unit 112 receiving this information through the communication unit 122 on the distribution server 110 collates the received ID information with the ID information stored in the user management database 111 to execute user authentication, and then passes the content purchase request to the content information generation unit 117.
S203: The content information generation unit 117 executes billing processing for the content purchase, acquires the usage rule and the content key information of the purchased content from the content information database 116, and then passes the content key with the information of the purchased content to the content acquirement unit 120. Also, the content information generation unit 117 generates the content information including information of the usage rule and content key, and passes the content information to the content information encryption unit 118. The content information encryption unit 118 then encrypts the content information.
S204: The content acquirement unit 120 acquires the relevant content from the content database 119, and the content encryption unit 121 encrypts this content with the content key. The communication unit 122 on the distribution server 110 sends the encrypted content and the encrypted content information to the user terminal 130.
S205: The communication unit 131 in the user terminal 130 receives (1) the encrypted content and (2) the encrypted content information including the content key and usage rule information, and
S206: sends the encrypted content to the storage unit 133 to be stored.
S207: The encrypted content information is also sent to the content information decryption unit 137. The content information decryption unit 137 decrypts the encrypted content information, takes out the content key and usage rule, and stores them in the usage rule management unit 138.
FIG. 3 shows a processing flow in the case where the user terminal 130 reproduces a content in this digital content distribution system. When the user requests to reproduce the content, the user terminal 130 performs the following processing.
S301: The usage rule processing unit 139 acquires the usage rule and content key for the relevant content being managed in the usage rule management unit 138, and
S302: checks the reproduction number of times (how many times the content is permitted to be reproduced) in the usage rule.
S303: If it is judged that the reproduction number of times is larger than 0,
S304: the reproduction number of times in the usage rule is decremented, and
S305: the usage rule is stored in the usage rule management unit 138.
S306: The content decryption unit 135 acquires the relevant content from the storage unit 133, and
S307: decrypts the content with the content key passed from the usage rule processing unit 139, and reproduces the content.
When the reproduction number of times is judged not to be larger than 0 in Step S303, it terminates the reproduction process.
In order to avoid any leaks of confidential information, the ID information storage unit 132, the content information decryption unit 137 and the usage rule management unit 138 that handle the confidential information are generally realized in a security module such as an IC card, and this security module is loaded to the user terminal 130. In this case, when the information of the usage rule and content key is transferred to the usage rule processing unit 139 from the usage rule management unit 138, this information is encrypted and outputted from the security module. In addition, when the usage rule updated by the usage rule processing unit 139 is stored in the usage rule management unit 138, the updated usage rule is encrypted once again for sending out to the security module. In the conventional digital content distribution system, the usage rule of the content for each user is managed in such a way at the user terminal side.
However, when the usage rule for each user is entirely managed at the user terminal, a complex management scheme of the usage rule is necessary for the user terminal. Although such a function does not put a big load on the user terminal that can easily perform a complex processing like a PC, it can be a heavy load for portable equipment such as a mobile phone or a home appliance.